Negosentro | How to Recover from a Cyber Attack as a Small Business
When most people think of cyber attacks, they think of the colossal breaches: Target, Yahoo, Home Depot, Marriott, Equifax. It’s true that cyber attacks on big firms do eat up a huge amount of press coverage, but it’s small businesses that are more likely to be the target of criminals. What’s more, small businesses are also the most likely to suffer the most devastating hits.
One in five small businesses will experience a cyber attack. Among those that are hit, 60% close their doors within six months of the event. The average cyber attack costs a small organization around $200K, which is money few businesses have. Yet too many small business owners aren’t prepared for what is almost an inevitability.
If your business is the victim of cybercriminals, you need to act quickly to mitigate the damage and prevent further attacks. Your livelihood could depend on it.
Do Damage Control ASAP
One of the reasons cyber attacks can be so devastating is that few businesses catch them right away. When the Starwood hotels attack occurred, the data of almost 500 million customers were affected. Why so many? Because the attackers had rooted around in Starwood’s systems for almost four years before anyone raised the alarm.
Global giants like Marriott (who bought Starwood) can withstand the damage. Your business can’t. So your first step should be to do everything possible to contain the breach. You may need to disconnect from the internet, change your passwords, and make sure your security systems are all up to date.
You then need to figure out who and what was affected by the breach. Once you have a clearer picture, you enter one of the hardest parts of recovery: communicating the breach to your stakeholders.
Be Honest with Your Partners and Customers
The one thing no one wants to do is tell their business partners and customers their personal data is compromised. It’s a bad look for you, and it invites both questions and blame — two things your business doesn’t need as you scramble to recover from a cyber attack. At the same time, communicating data breaches is an important part of the recovery process.
Your communications regarding the breach fall under the umbrella of ‘crisis communications.’ It’s not a commonly trodden path for most low-risk businesses, but it’s becoming an increasingly necessary skill as more and more businesses move their operations online. At its core, crisis communication provides a way for relevant parties to share information about:
- Rectifying a problem
- Protecting employees, customers, and assets
- Continuing operations
Crisis communications are different for each company, but what’s most important for all companies is that the communication is honest. Honesty doesn’t mean sharing every little detail: it means speaking accurately about who was impacted, how vulnerable they are, and how the breach happened.
Communicating your breach may even be a legal requirement if you fall under the purview of privacy laws like the General Data Protection Regulation (GDPR). While the GDPR has fairly strict disclosure requirements under Article 33, the California Consumer Privacy Act of 2018 (CCPA), which goes into effect this year, will give consumers in the state some serious protections. For instance, the CCPA will give consumers the ability to find out just which personal information is being collected by e-commerce entities.
Build a Comprehensive Cyber Attack Recovery Plan
You only need to go through one breach to realize you would prefer never to do it again. Fortunately, there are steps you can take in addition to your core cybersecurity programs to help mitigate the potential damage done by any intrusion into your systems.
Your crisis evaluation and communication plans are the first parts of recovery. However, you also need a complete data backup and restoration plan, and your IT team needs to know how to operate it. In essence, it’s a plan that takes protected, backed-up data from a secondary storage space and either puts it back or places it in a new location. It’s also important to back up your backups. Your ability to restore data can be the make-or-break moment for your business.
One step that many small businesses miss is their security recovery plan. You need to take steps to re-secure your business after the breach, such as by installing protective controls or using secure shredding for important documents that could place your business further at risk. You also need to do this in a way that allows your IT team to collect evidence and identify the root cause. You’ll need both to prevent further intrusions and possibly for any insurance claims.
Consider Cyber Liability Insurance
The likelihood of a cybersecurity incident combined with the devastating toll it can take on businesses means you need to do your best to avoid those attacks in the first place. However, any cybersecurity expert worth their salt will also tell you that there’s no security protocol that offers a 100% guarantee you’ll never face a cybersecurity attack. So what can you do to protect your business from the devastation of a cyber attack?
Cyber liability insurance is a new type of insurance coverage that protects businesses from the financial loss that accompanies data breaches. The policies cover two eventualities. The first is first-party coverage, which covers your expenses directly related to the breach. The second is third-party coverage, which provides benefits to people who are hurt as a result of the attack (for example, if your clients’ identities are stolen).
Do businesses really buy into this policy, or is it just another insurance trend? The answer is both, but the market is growing. The market for these policies has grown 11.3% per year since 2015. It’s also a good idea to find a policy now: as cybersecurity risks grow and claims increase, policies could become more expensive.
Are You Prepared to Fight for Your Business?
Small business owners may think of themselves as small potatoes. Why would criminals come for your data when they could attack much more lucrative targets? You may not realize, however, that a lack of preparedness is one of the reasons that small businesses make such valuable targets.
To protect your business from financial ruin, you need to prepare for cyberattacks before they happen. And because no amount of preparedness can ultimately protect you, you need a recovery plan to help mitigate the damage. If you can do both of these, then you can rest assured that even if there are intruders knocking on your door, you’ve at least done what you can to protect your employees, partners, and customers.